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Abstract 


Worldwide, there are a multiplicity of parallel activities being undertaken in 
developing international standards, regulations and individual organisational 
policies related to AI and its trustworthiness characteristics. The current lack of 
mappings between these activities presents the danger of a highly fragmented global 
landscape emerging in AI trustworthiness. This could present society, government 
and industry with competing standards, regulations and organisational practices 
that will then serve to undermine rather than build trust in AI. This chapter presents 
a simple ontology that can be used for checking the consistency and overlap of 
concepts from different standards, regulations and policies. The concepts in this 
ontology are grounded in an overview of AI standardisation currently being under- 
taken in ISO/IEC JTC 1/SC 42 and identifies its project to define an Al management 
system standard (AIMS or ISO/IEC WD 42001) as the starting point for establishing 
conceptual mapping between different initiatives. We propose a minimal, high level 
ontology for the support of conceptual mapping between different documents and 
show in the first instance how this can help map out the overlaps and gaps between 
and among SC 42 standards currently under development. 
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1. Introduction 


To be effective, future regulation and organisational policy aimed at achieving 
trustworthy AI must be supported by some degree of standardisation in processes 
and technological interoperability. The rapid development of AI technologies and 
the growth of investment in AI applications presents a pacing problem, wherein 
the rapid change in characteristics of AI related to policy and regulatory issues 
outpaces ability of societies to legislate for or regulate the technology. At the same 
time, the multinational nature of the major commercial developers of AI, plus 
the expanding access to AI skills and computing resources means that standards 
must be agreed internationally to be of widespread use in supporting policy and 
regulations. While there has been an explosion in policy documents from national 
authorities, international organisations and the private sector on the ethical impli- 
cations of AI, standards in this area have been slower to emerge. Understanding 
existing standardised ICT development and organisational management practices 
offer insight into the extent to which they may provide a basis for standardising 
practice in governing the development and use of more trustworthy and ethi- 
cal AI. Standards Developing Organisations (SDOs) vary in their approach to 
addressing specific ethical issues. 
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The Institute of Electrical and Electronic Engineers (IEEE) global initiative on 
ethically aligned design for autonomous and intelligent systems has spawned the 
IEEE 7000 standards working group that places ethical issues at its heart [1]. This 
work was seeded from a set of principles defined in a comprehensive international 
export review on Ethically Aligned Design [2], which also highlighted the influence 
of classical ethics, professional ethics and different moral worldviews. 

A different approach is taken by the ISO/IEC Joint Technical Committee 
1 (JTC1). JTC1 which was established by the International Standardisation 
Organisation (ISO) and the International Electro-technical Commission (IEC) 
in 1987 to develop, maintain and promote standards in the fields of Information 
Technology (IT) and Information and Communications Technology (ICT). Expert 
contributions are made via national standards bodies and documents (over 3000 to 
date) are often used as technical interoperability and process guideline standards in 
national policies and international treaties, as well as being widely adopted by com- 
panies worldwide. Statements of relevance to UN Sustainable Development Goals 
and Social Responsibility Guidelines are an inherent part of all new standardisation 
projects proposed in JTC 1 [3]. AI standards are addressed together with big data 
technology standards by the JTC 1 subcommittee (SC) 42 which was first chartered 
in autumn 2017 and held its inaugural meeting in April 2018. As of the end of 2020 
it has published six standards and has active projects addressing 23 others (https:// 
www.iso.org/committee/6794475.html). 

This chapter highlights the challenges facing companies and authorities 
worldwide in advancing from the growing body of work on ethical and trust- 
worthy AI principles to a consensus on organisational practices that can deliver 
on these principles across the global marketplace for Al-based ICT. We review 
how SC 42 standardisation efforts benefit from building on established process 
standards in areas of management systems, IT governance, risk and system 
engineering. From this analysis, we identify a simple conceptual model that 
can be used to capture the semantic mapping between different SC 42 stan- 
dards. An ontology is used as it allows a conceptual model to be defined that 
links together concepts via association into a network of concepts. This has the 
potential to establish an open ontology that can map between core concepts from 
standardisation and pre-standardisation deliverables in varied states develop- 
ment, formal approval, and international community consensus with concepts 
needed to address trustworthy AI. Such a network allows the definition of terms 
and concepts from different standards related documents to be interlinked and 
thereby the consistency of conceptual use between different can be analysed and 
improvements suggested. While this is not intended to replace the consistency 
checking that occurs naturally in the JTC1 standards development process, it 
does allow us to identify some mapping and comparisons between different 
forms of standard that have been applied to different areas of standardisation 
in SC 42. We conclude then by suggesting how this approach can be extended 
to enable similar comparisons with the use of concepts in documents being 
drafted by other SDO committees and by other bodies, including regulatory 
proposals, civic society policy proposals and guidelines developed by individual 
organisations. 


2. Challenges of building international consensus on governing 
trustworthy AI 


Since 2017 there has been an explosion in AI initiatives globally. As of 
February 2021, the Council of Europe’ tracker (https://www.coe.int/en/web/ 
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artificial-intelligence/national-initiatives) has identified over 450 such initiatives 
world wide, primarily from national authorities, international organisations and 
the private sector. The most frequently discussed address subjects include privacy, 
human rights, transparency, responsibility, trust, accountability, freedom, fair- 
ness and diversity. Influential works such as the IEEE EAD [2], the EU’s High Level 
Expert Group on AI [4] and the OECD [5] often present these issues under the 
banner of ethical or trustworthy AI. 

Scholars and think tanks have analysed this growing body of documents on 
ethical and trustworthy AI. One extensive survey identifies an apparent consensus 
on the importance of ethical principles of transparency, justice, non-maleficence, 
responsibility, and privacy, whereas other issues of sustainability, dignity, and 
solidarity in relation to labour impact and distribution garner far less attention 
across works [6]. Public authority works are identifying gaps in relation to the 
use of AI by governments and in weapon systems [7]. Private sector outputs have 
been criticised as instruments to reduce demand for government regulation [8], 
as potential barriers to new market entrants [9] and failing to address tensions 
between ethical and commercial imperatives within organisations [10]. A general 
criticism is a focus on individual rather than collective harms such as loss of social 
cohesion and harm to democratic systems [11]. The required progression from 
approaches that propose broad principles, to specific and verifiable practices that 
can be implemented by organisations and, where deemed necessary, regulated by 
legislation, implies a focus on governance and management of AI. Appropriate 
governance, management, and risk management measures can reinforce ben- 
efits and mitigate the ethical and societal risks of employing AI technology. 
Governance approaches can be characterised as [12]: market-based, resulting 
from value-chain partner pressures, including from consumers; self-organisation, 
based on an organisation's internal policies; self-regulation based on industry wide 
agreement on norms and practices; and co-regulation based on industry compli- 
ance with government regulation and legislation. There have been some proposals 
for possible regulatory structures including: new national [13] and international 
[14] co-regulatory bodies and internal (self-regulatory) ethics boards that may 
help organisations implement best practice [15, 16]. However, AI governance 
through co-regulation presents a number of major challenges [17]. These include: 
reaching stable consensus on what defines AI; widening access to AI skills and 
computing infrastructure obscuring developments from regulators; the diffu- 
sion of AI development over locations and jurisdictions globally; the emergence 
of impacts of an AI system only when assembled into a product or service; the 
opacity of modern subsymbolic machine learning methods and techniques, i.e. 
their unsuitability for clear human readable explanations; the potential for highly 
automated Al-driven systems to behave in unforeseeable ways that can escape the 
visibility or control of those responsible for them. More broadly, co-regulation is 
challenged by: the pacing problem, as AI technology develops faster than society's 
ability to legislate for it; international cooperation needed for common standards 
being impeded by AI’s perceived role as a strategic economic or military resource; 
the perceived impediments of legislation to realising the competitive national 
economic and social benefits of AI; and the power asymmetry in AI capability 
being concentrated in digital platforms benefiting from network effects [9]. 

Over all types of works, a wide range of motivation have been identified [18], the 
incompatibility of some of which can further impede consensus on approaches to 
implementing trustworthy AI. 

Nevertheless, there are multiple parallel standardisation activities ongoing 
internationally that are attempting to build some level of consensus, includ- 
ing the above-mentioned IEEE P7000 and ISO/IEC JTC 1/SC 42 activities and 
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several national activities. This multiplicity of standards development may itself, 
however, contribute to inconsistencies and incompatibilities in how different 
organisations govern their Al activities. Reducing ambiguity in how different 
stakeholders in the AI value chain communicate with each other, and with society 
in general about their trustworthy AI practices is therefore critical to build- 
ing trustworthiness of the resulting Al-based products and service. With both 
individual organisations developing their own AI policies and legislation for AI 
regulation starting to be considered in major jurisdictions such as the EU, there 
is a need to support the ongoing mapping of concepts between these different 
parallel activities so that harmful or expensive inconsistencies can be identified 
early and hopefully resolved. 

The following requirements for semantic interoperability between concepts 
developed by different bodies can therefore be identified and are depicted in 
Figure 1: 


1. Consistency between documents being developed within the same stan- 
dards family. 


2. Comparison between documents produced by parallel standards activities. 
3. Mapping between standards and regulatory/legislative proposal to determine 
the extent to which a standard can address regulatory requirements (US “safe 


harbour” or EU’s harmonised standards approach). 


4. Analysing the degree of compliance between a standard and an organisation's 
Al policies and procedures, including their documentation outputs. 


5. Assessing organisational policies against regulations. 


6. Comparing different regulatory proposals internationally or comparing revi- 
sions to proposals in a single jurisdiction. 


7.Comparing AI policies published by different organisations. 


Standards 
development 


Ontology 


Organisational 
Policy 
development 


Legislative 
development 


Figure 1. 
Role of semantic interoperability between bodies involved in governance of trustworthy AI. 
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3. JTC1 standards related to trustworthy AI 


Same as other ISO/IEC JTC 1 standardisation activities, SC 42 places a strong 
emphasis on ensuring consistency with existing process and interoperability 
standards as well as reuse of existing terms and concepts to provide industry with 
a consistent body of applicable standards. SC 42 is therefore addressing Al-related 
gaps within existing standards, including those for management systems, risk 
management, governance of IT in organisations, IT systems and software quality. 
Rather than addressing AI ethics directly as a normative issue, SC 42 addresses the 
broader issues of trustworthy AI, with a technical report that sets out some of the 
core concepts and issues for standardisation related to Trustworthy AI (ISO/IEC 
24028:2020) [19]. In this report, trustworthiness is defined as the ability to meet 
stakeholders’ expectations in a verifiable way. When applied to AI, trustworthi- 
ness can be attributed to services, products, technology, data and information as 
well as organisations when considering their governance and management. This 
view considers trustworthy AI as realisable as part of a broader set of engineering, 
management, and governance process standards that can be employed together 
by organisations involved in AI and that can support mechanisms for conformity 
assessment including 3rd party certification and external oversight. 

The Trustworthiness Working Group (WG 3) within SC 42 has a strong pipeline of 
pre-standardisation and standardisation activities. The road mapping activities within 
the group are driven by gap analyses of prior art as well as current policy documents 
(including the IEEE EAD [2], HLEG [4], and OECD [5]). WG 3 builds on founda- 
tional terminology and high-level life cycle notions elaborated within SC 42/WG 1 
foundational deliverables ISO/IEC CD 22989 [20] on AI Concepts and Terminology 
and ISO/IEC CD 23053 [21] ona Framework for Artificial Intelligence (AI) Systems 
Using Machine Learning. WG 3 primarily looks at Trustworthiness high level char- 
acteristics and addresses them through elaboration of new project proposals of either 
pre-standardisation informative deliverables, surveying the state of the art in an area 
(before proceeding to normative coverage at a later stage) or of normative deliverables. 

The fully fledged normative deliverable type within the ISO/IEC ecosystem is an 
International Standard (IS), however, not many areas in AI are mature enough to be 
addressed in international standards. This includes non-normative technical reports 
on current approaches to addressing societal and ethical aspects of AI [22] and bias 
in AI [23]. Thus WG 3 currently works only on three IS deliverables. 

ISO/IEC CD 23894 Information Technology — Artificial Intelligence — Risk 
Management [24] is a specialisation of ISO 31000 Risk Management [25]. This is 
an example of SC 425 respect for prior art and application of existing frameworks 
such as quality, risk management, or management systems framework in the newly 
standardised area of AI and ML. 

Another IS deliverable within the group is ISO/IEC WD 25059 Software 
engineering — Systems and software Quality Requirements and Evaluation 
(SQuaRE) — Quality model for Al-based systems [26]. This IS is an extension to the 
influential Systems and software Quality Requirements and Evaluation (SQuaRE) 
series owned by JTC 1/SC 7. Quality and trustworthiness are in a sense competing 
paradigms as they are looking at similar sets of high-level characteristics such as 
robustness, reliability, safety, security, transparency, explainability etc. but the 
distinctive difference is in the need for quality stakeholders to take explicit part 
in actively defining quality requirements, while trustworthiness stakeholders do 
not have to explicitly state their expectations in order to influence objective trust- 
worthiness criteria. At any rate, the SQuaRE4AI standard sets a quality model that 
profiles the traditional quality and trustworthiness top level characteristics and 
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their sub-characteristics for other normative deliverables in the area that are aiming 
at setting method and process requirements and recommendations. 

The third IS in the making in WG 3 is ISO/IEC WD 24029-2 Artificial 
intelligence (AI) — Assessment of the robustness of neural networks — Part 2: 
Methodology for the use of formal methods [27]. This series aims to address the 
technical robustness pillar of AI trustworthiness, Part 2 specifically by looking 
at formally provable robustness and performance related properties of neural 
networks. While machine learning and neural networks in particular are an 
extremely active R&D field, the formal mathematical theory in which neural 
networks are based is well academically researched and stable. Therefore, it is 
possible to benefit from known and provable properties of neural networks in 
current and upcoming industrial applications. 

Technical Specification is a normative deliverable that has a less rigorous 
approval process, essentially there is only one round of national bodies approval 
for a TS compared to two distinct (and repeatable) stages for an IS approval. While 
it is easier to approve and publish a TS, a TS needs to be transformed into an IS 
or withdrawn 3 years after its publication. TS are sometimes called experimental 
standards. This type of deliverable is used in areas that are in urgent need of norma- 
tive standardisation as demonstrated by industry or societal demand, while the area 
to be standardised is still in flux from the research and development point of view. 
This is why WG 3 decided to ask SC 42 national bodies to approve development of 
ISO/IEC NP TS 6254 Information technology — Artificial intelligence — Objectives 
and methods for explainability of ML models and AI systems. 

To develop an understanding of how these trustworthy AI standards relate to 
policies and processes defined by individual organisations and emerging as regula- 
tions in different jurisdictions requires an understanding of other aspects of AI 
standardisation under development in the other working groups of SC 42. 

Working group 1 (WG 1) addresses foundational standards including the above- 
referenced AI Concepts and Terminology [20], which aims to provide consistency 
across the use of terms and concepts in other SC 42 documents and a Framework 
for Artificial Intelligence (AI) Systems Using Machine Learning [21] which reflects 
the central position of the machine learning area of AI in industry interoperability 
requirements. 

Of importance to the mapping of AI standards to industry practice and regula- 
tion was the approval in August 2020, after a justification study, to develop an AI 
Management System (AIMS) Standard [28]. Management System Standards have 
a distinct role on the ISO ecosystem of standards types, as they provide the basis 
for certifying organisational processes. This provides a basis for organisations to 
demonstrate their conformance to specific standardised behaviour for management 
and related technical operations processes. Regulatory authorities also can make 
reference to such standards in specifying compliance regimes in complex technical 
domains. This allows authorities to manage the complexity and risk of technological 
change in regulations and to do so in a way that aligns with international industry 
and society consensus established through international standards. In contrast with 
industry consortia active in standardisation, standards produced by ISO and IEC 
are driven by national bodies (ISO and IEC members) who are typically mandated 
by their governments to represent a wider range of societal stakeholders than just 
industry. The overarching goal of these member organisations is to ease doing busi- 
ness according to the United Nations World Trade Organisation’s charter, as well as 
achieving United Nations’ sustainable development goals (SDGs). 

In recognition that big data plays a central role in the development of modern AI 
systems, Working Group 2 (WG 2) of SC 42 has developed a series of big data stan- 
dards. This includes a Big Data Reference Architecture (BDRA) [29] that provides a 
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structured set of functional areas related to Big Data processing. Currently, WG 2 is 
developing a process management framework for big data analytics [30]. 

Finally, SC 42 also hosts and leads a joint working group (JWG 1) with JTC 1/SC 
40 which addresses IT service management and IT governance in a specification for 
governance implications of the use of artificial intelligence by organisations [31]. 
This builds on the existing SC 40 standard providing guidance and principles for 
the effective, efficient, and acceptable governance of IT in an organisation [32]. 


4. Conceptual modelling approach 


The formalisation of terminology is already a key element of international stan- 
dards development [33], Section 16. However, the use of ontologies to improve the 
consistency and coordination in international standards is not so well established, 
though it has been proposed [34]. There are some ambitious proposals to drive stan- 
dards development together with implementation and verification from machine 
readable standards, with machine readable semantics of ontologies at its core [35], 
annex 11.4. The proposed application of ontologies to automated assistance in stan- 
dards management and compliance, however, is outside the scope of this chapter. 

ISO/IEC JTC 1/SC 32 has established requirements for ontologies to support 
semantic interoperability between information systems developed by different 
organisations and consortia across different application domains. These require- 
ments address ontology definitions in a hierarchical manner with a top-level 
ontology that provides core concepts that can be used in defining more specialised 
domain-specific ontologies [36]. Such ontologies are expressed through a combina- 
tion of natural language definitions and a machine-readable representation in a 
combination of description logic captured in the OWL2 language standard by the 
W3C [37] and Common Logic (CL) [38]. While CL is a full First Order Logic and 
therefore more expressive than OWL2, the latter offers the advantage of decidability 
by automated reasoners, therefore better supporting automated checking of speci- 
fications. For the top-level ontology, the Basic Formal Ontology (BFO) is used [39]. 
To support the mapping between different domain models, the BFO adopts a realist 
design philosophy that aims to capture the objective reality in a domain rather than 
existing data representations. The BFO places a strong emphasis on representing 
temporal and spatial characteristics of concepts. For example, at the highest level it 
distinguishes between conceptual hierarchies for continuant entities that persist over 
time, and occurrent entities that are time bound. Separate to its inclusion in ISO/IEC 
standardisation’s use of ontologies, the BFO has been used for a set of biomedical 
ontologies [40] and for a collection of general common core ontologies addressing 
both horizontal concepts, known as mid-level ontologies, e.g., on event, informa- 
tion, currency, and domain-specific ontologies such as spacecraft and ethnicity [41]. 

While the BFO provides a precise conceptual structure for modelling a wide 
range of concepts, its realist approach to ontology engineering implies a need for 
a centrally controlled programme of ontology development to ensure consistent 
use of top-level concepts. While this would suit the objective of checking for and 
resolving consistency between a set of documents being developed under a common 
authority e.g. within SC 42, the requirements for checking consistency between 
regulatory and organisation policy drafts raises the needs to support a broad cohort 
of conceptual modellers who can operate without a common coordinating author- 
ity. An ontological approach that will be accessible for analysis and development by 
this wider range of conceptual modellers points therefore to demand less stringent 
conceptual modelling skills and is more accommodating to decentralised, domain- 
specific, and parallel development than BFO would enable. 
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The World Wide Web Consortium’s (W3C) Data Activity (https://www. 
w3.org/2013/data/)buildson its earlier Semantic Web activity in developing industry 
standards for semantic interoperability that works to the scale and decentralised 
nature of the WWW. Grounded in the Resource Description Framework (RDF) 

[42] which allows an unlimited knowledge graph of nodes and links to exist as 
online resources on the WWW. Nodes and associations in this knowledge graph 

are typed according to ontologies, also known as data vocabularies, that can be 
developed independently and published to a distinct namespace on the WWW. This 
name-spaced typing allows the free combination of types and associated conceptual 
knowledge from any published vocabulary. This has enabled the development and 
integration of a global network of over 1200 open and interlinked data sets, known 
as the linked open data cloud [43]. Further logical axioms can be introduced toa 
vocabulary by including constructs from the Web Ontology Language (OWL) [37]. 
The W3C restricts its ontology standardisation activities to those vocabularies that 
support the development, location, interlinking and use of datasets on the web 

and to application areas that are well aligned to decentralised data publishing e.g. 
geospatial data. Organisations and consortia that develop vocabularies that address 
specific domains are free to publish them under their own name space, reusing 
aspects of other ontologies as needed. This highly decentralised approach therefore 
aligns well with the goal of promoting participation of those generating standards, 
organisational policies and regulations as well as those with an interest in how these 
documents develop and map to each other. 

There is extensive research conducted on the use of ontologies in assessing 
compliance of organisational policies and practices with regulation [44]. Such 
assessment can be categorised as ex-ante compliance activities conducted before 
the regulated activity is performed or as ex-post compliance which is conducted 
after the regulated activities have occurred. The Provenance Ontology (PROV-O) is 
a W3C standard for the representation of provenance information using semantics 
provided by RDF and OWL [45]. PROV-O provides classes, properties, and restric- 
tions to represent and interchange provenance information within different con- 
texts. Its conceptual model is focussed on provenance of activities, the entities that 
those activities use and generate, and the actors associated with those entities or to 
whom activities are attributed. PROV-O can be specialised to create new classes and 
properties to model provenance information for different applications and domains. 
This has been utilised to extend its conceptual model to specify ‘plans’ for ex-ante 
representations, scientific workflows, and domain-specific requirements for activi- 
ties. An example of its usefulness is the representation of ex-ante and ex-post activi- 
ties for evaluating compliance with EU’s General Data Protection Regulation [46], 
which is one of the more relevant extant regulations for AI. This existing capability, 
coupled with the decentralised conceptual modelling enables by the underlying 
RDF/OWL-based approach, leads us to adopt PROV-O, and its modelling of activi- 
ties in particular, as the basis for conceptual modelling to support semantic interop- 
erability between different sources of trustworthy AI concepts outline in Section 2. 


5. Ontology for semantic interoperability between trustworthy AI 
documents 


The approach therefore taken in this chapter combines elements of BFO and 
PROV-O to provide a minimal and easy to understand ontology for mapping 
between different standard, regulations and organisational policies. Specifically, 
we retain the distinction from BFO between continuant and occurrent entities. For 
the continuant concept we adopt the PROV-O concept of Entity, which is defined 
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as: a physical, digital, conceptual, or other kind of thing with some fixed aspects; 
entities may be real or imaginary. For the occurrent concept we adopt the PROV-O 
concept of Activity, which is defined as: something that occurs over a period of time 
and acts upon or with Entities. It may include consuming, processing, transforming, 
modifying, relocating, using, or generating entities. We complement these core 
concepts of entity and activity with the PROV-O concept of Actor which is defined 
as: something that is involved in and may bear some form of responsibility for an 
Activity taking place, for the existence of an Entity, or for another Agents Activity. 
BFO captures the organisational concept of a role as a subclass of continuant. 
However, the centrality of ethics and responsibility to the conceptual modelling of 
trustworthiness as well as for practical mapping to normative rules that are essential 
to standards, regulation and organisation policies demands that the concept of an 
Agent is made core alongside Entity and Activity. For the core relationships between 
these core concepts, we again draw from PROV-O relationships between these 
concepts, but recognising the benefit of the realist philosophy of BFO, these are 
phased in the present tense, rather than the past tense expression of PROV-O, which 
has a narrower focus on recording provenance i.e. what has existed and occurred. 
Therefore, we introduce the following associations: 


e Activity uses Entity: where usage is defined in PROV-O as the beginning of 
utilisation of an Entity by an Activity, where before usage, the Activity had not 
begun to utilise this Entity and could not have been affected by the Entity. 


Activity generates Entity: where generation is defined by PROV-O as the 
completion of production of a new Entity by an Activity, where this Entity 
did not exist before generation and becomes available for usage after this 
generation. This therefore allows dependency chains to be assembled 
between Activities. 


Entity attributedTo Agent: which is the ascribing of an Entity to an Agent, 
thereby conveying some sense of responsibility for the Entity to that Agent. 
This provides a short form for relating an Entity to an Agent when the 
Activity associated with the Actor that generates or uses the Entity is not 
specified. 


Activity associated With Agent: which PROV defines as an involvement by an 
Agent in an Activity. 


Activity informedBy Activity: which allows a dependency between two Activities 
to be defined without needing to specify the generation and use of an Entity 
between them. 


Agent actsOnBehalfOf Agent: which is used in PROV-O to express delegation, 
which is the assignment of authority and responsibility to an Agent to act as 
delegate or representative of another Agent. The delegation can be assigned to 
a specific Activity which implies that the delegate Agent therefore takes ona 
degree of responsibility for the Activity. 


e Entity derivesFrom Entity: where PROV-O defines a derivation as a transforma- 
tion of one Entity into another, an update of an Entity resulting in a new one, 
or the construction of a new Entity based on a pre-existing Entity. This rela- 
tionship can be associated with a specific Activity, offering a similar chaining 
relationship to generates and uses. 
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In addressing these core concepts and relationships, we express a scope 
related to the activities of an organisation that relate to the trustworthiness of AI. 
Trustworthiness can be manifested through Trustworthy Characteristics of Entities 
that make up a product or service employing AI. Such AI trustworthiness charac- 
teristics can be for example associated with: the datasets used to train data-driven 
machine learning AI [47-49]; trained ML models [50, 51] or Al-based product or 
services [52]. While some of these existing approaches share specific type of trust- 
worthy characteristics for an Entity, e.g. those related to bias in ML models or the 
processing of personal data, these differ according to the needs of the specific link 
in the AI value chain that is being served, i.e. is the organisation providing dataset, 
AI model or completed AI-based products and service to its customers. However, 
the common feature of the above use of Trustworthy Characteristics is that they are 
communicated between one actor in a value chain and another. As the SC 42 techni- 
cal report on an Overview of AI Trustworthiness [22] states that it is insufficient for 
one to simply refer to the ‘trustworthy AI’, but instead one must specify who trusts 
whom in what aspects of AI development and use. In this ontology, therefore, we 
define that the Actor that is providing an Entity to another Actor takes responsibility 
for ensuring that the Trustworthy Characteristics of the Entity in question is exhibited, 
and not necessarily just to the Actor receiving them but to any interested parties. 

Trustworthiness can also be manifested through the Activities of an organisa- 
tion involved in providing Entities that exhibit some Trustworthy Characteristics. 
The existing examples of approaches to expressing trustworthy characteristics of 
Entities referenced above define many of those characteristics in terms of Activities 
that were conducted to arrive at the characteristic, e.g. risk assessment. 

To date, SC 42 has focussed on developing process-oriented standards, which 
is in line with the approach to developing Management Systems Standards (MSS) 
[53] annex SL. This approach is now being applied by SC 42 to develop a standard 
for an AI Management Systems (AIMS) [28]. A Management System is defined as 
a set of interrelated or interacting elements of an organisation to establish policies 
and objectives and processes to achieve those objectives. An MSS aims to provide 
organisations with guidance on standards activities in a manner that may be subject 
to independent certification. Such certification can also play an important role in 
establishing trust in an organisation’s implementation of complex technical pro- 
cesses as part of a regulatory framework. Therefore, the following concepts from 
[28] are added to the model as subclasses of Agent: 


e Organisation: person or group of people that has its own functions with respon- 
sibilities, authorities and relationships to achieve its objectives [28]. It is the 
Organisation which is the Actor disclosing Trustworthy Characteristics. 


e Stakeholder (used synonymously in [28] with an ‘interested party’): person or 
organisation that can affect, be affected by, or perceive itself to be affected by 
a decision or activity, that are conducted by the Organisation implementing an 
AIMS. The Stakeholder is therefore the Actor towards which any Trustworthy 
Characteristic is exhibited, with the aim of contributing to how that Actor 
determines its level of trust in what the Organisation claims possesses that 
characteristic. 


Stakeholders can be internal or external to the Organisation. Therefore, an 
Organisation will be involved in disclosing Trustworthy Characteristics to both 
internal and external stakeholder. Internal stakeholders include those with overall 
organisational governance responsibilities, i.e., the governing body, management 
and employees. Internal stakeholder also includes those bound to an Organisation 
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by contracts, which would include shareholders and supply chain partners, i.e., 
providers, customer and individual consumers. External Stakeholders can include 
regulators, government, potential supply chain partners, consumers, civic society, 
NGOs, the media and society in general. 

As Trustworthy Characteristics are defined as a relationship between 
Organisations and Stakeholders, Entities being characterised are subclassed Assets. 
Assets are Entities that represent some value to a Stakeholder. For AI internal stake- 
holders, Assets could include the data used to train or test an AI system, a trained AI 
model, a product or service that uses one or more AI systems, data consumed by an 
AI system in operation, software, computing and human resources used in training 
and operating an AI system [22]. 

In considering the trustworthiness of an AIMS we would be focussed on 
the Activities conducted by the Organisation operating the AIMS. However, this 
subclassing of Agents also allows Activities with Trustworthy Characteristics to be 
associated with Stakeholder, and in particular external stakeholders, which allows 
complementary activities, e.g., in value chain partners or regulators, to be modelled. 
While external Activities may not be an explicit part of an AIMS specification, they 
may be referenced in regulations or organisational policies which aim to clarify the 
interactions and share of responsibilities between Activities of the Organisation and 
those of such external stakeholders. 

To capture to different responsibilities within an Organisation operating an 
AIMS, additional semantics for the relationships between Activities (beyond 
dependencies via the use and generation of Entities and the dependsOn relation- 
ship) are required. Reference architectures and process model specifications often 
group activities into groups representing closely related or commonly co-occurrent 
process. Activities are also sometime grouped into roles, which are a set of activities 
servicing some common purpose, the responsibility for which is often allocated 
together to a specific organisational unit. We therefore include a compositional 
relationship between Activities called partOf that allows for various forms of 
Activity groupings. 

Within the context of an AIMS, and its mapping to regulations and policies 
of specific organisations, it is also important to capture some sense of different 
levels of responsibility and corresponding accountability. SC40 distinguishes 
between an organisation's governance function and its management function 
as part of guidelines the governance of IT [32]. The governance function is 
responsible for understanding the external pressures in forming an organisation's 
direction, strategy, objectives and policy in adopting IT, including customer, 
competitive, stakeholder expectation and regulatory pressures. The management 
function is then responsible for planning and achieving those objectives within 
the constraints of the strategy and policy. The governance function is structured 
into three activities, which are elaborated in the governance of IT implementa- 
tion guide standards [54], Evaluate, Direct and Monitor. The evaluate activity 
addresses internal and external considerations in assessing plans and proposals 
from the management function. The direct activity sets direction through strategy 
and policy and assigns responsibilities for their realisation by the management 
function. The monitor activity assesses the performance of the realisation of gov- 
ernance direction on a regular basis, triggering further evaluation and direction if 
deficiencies are identified. Management functions are responsible for the control 
of technical operations activities and may do so through delegation between 
appropriate levels of control. To capture the relationship between governance and 
management activities and between different levels of control between manage- 
ment activities, the following relationships between Activities in the ontology are 
defined: directedBy, evaluatedBy, monitoredBy and controlledBy. 
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associatedWith informedBy 
actsOnBehalfOf iyi p 
directedBy 


evaluatedBy 
monitoredBy 
controlledby 


generates 


attributedTo 


hasValueTo 


T Key: 
isA association 


characteristicOf 


Exhibited Characteristic 


TAN 


Trustworthiness Characteristic 
Figure 2. 


Core concepts and relationship for semantic interoperability for trustworthy AI. 


discloses 


Organisation 


exhibitedTo 


Stakeholder 


Figure 2 captures the above concepts and relationships into a core ontology that 
is intended to support the mapping of concepts between different emerging AI stan- 
dards in SC 42 and between those standards and emerging organisational policies or 
governmental regulations as indicated in Figure 1. By restricting these concepts to a 
small core that is already established in existing standards, upon which some of the 
SC 42 standards are based, we anticipate this ontology will provide a robust basis for 
identifying the relationships between such concepts in different specifications. 

SC 42 has already identified characteristics that a trustworthy AI system or 
organisation involved in their implementation could exhibit [22]. These include 
technical characteristics such as reliability, robustness, verifiability, availability, 
resilience, quality, bias and robustness; stakeholder-related characteristics such 
as ethics, fairness and privacy; as well as management- and governance-related 
characteristics such as transparency, explainability, accountability and certification. 
However, the definition of many of these characteristics are still not yet well defined 
in relation to AI. By focussing on Activities, Entities and Agents we aim to identify 
mappings between concepts in different standards and therefore any gaps that can 
directly inform more consistent and comprehensive standards. In this way we hope 
to assist in the progression from broad statements of principles and areas of concern 
by the private sector, international bodies and governments, towards the develop of 
commonly understood process framework for the governance and management of 
Trustworthy AI, the ontology aims to do this is a way that accommodates the current 
range of definitions and interpretation of many of these characteristics and supports 
their convergence over time into concrete and internationally recognised governance 
and management processes and policies. In the following sections we show how this 
process can be undertaken by using this ontology to map between activities in the 
core anticipated AIMs and other relevant SC 42 specifications. 


6. Modelling of AI management system activities 


In 2020, SC 42 completed a justification study for a Management System 
Standard for AI. This was accepted in August and led to the initiation of a project 
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Activity label See also attributedTo generates uses 
ID “42001-*” (type Entity) (type Entity, 
“aims*” 
aimsA1 Understanding 41 O aimsE1 - 
organisation and External and 
its concepts internal issues 
affecting AIMS 
outcomes 
aimsA2 Understanding 4.2 O aimsE2 - AIMS E1 
stakeholder Stakeholders; 
needs and aimsE3 - 
expectation Stakeholder 
requirements 
aimsA3 Determine 43 O aimsE4 - AIMS E1, E2, E3 
AIMS scope Scope 
aimsA4 Establish AIMS 5.2 TM aimsE5- AI E1, F2, E3 
policy Policy 
aimsA5 Assign roles, 5.3 TM aimsE6- Roles, E3, E4, E5 
responsibilities responsibilities 
and authorities & authority 
assignments 
aimsA6 Address 6.1 O aimsE7- AI risk E1, E2, E3 
risks and management 
opportunities plan 
aimsA7 Establish and 6.2 O aimsE8- AI E3, E4, E5, E6 
plan to achieve objectives; 
Al objectives aimsE9- Plan 
to achieve AI 
objectives 
aimsA8 Determine 71 O aimsE10- AI E9 
and allocate resource 
resources for allocation 
AIMS 
aimsA9 Determine 7.2 O aimsE11- AI E9 
and ensure competence plan 
competence of 
people affecting 
AI performance 
aimsA10 Promote 73 O aimsE12 - AI E3, E5, E6, E9 
awareness awareness plan 
aimsA11 Determine 74 O aimsE13 - AI E3, E9 
AIMS communication 
communication plan 
aimsA12 Plan and control 8.1 O aimsE14 - AI E6-E9 
Al processes operational 
process control 
plan 
aimsA13 Monitor, 9.1 O aimsE15 -AI & E3-E8 
measure, AIMS evaluation 
analyse and plan; aimsE16 
evaluate AI - AI & AIMS 
evaluation 
results 
aimsA14 Internal audit 9.2 O aimsE17 - AIMS E3-E6, E15, 
audit plan; E16 
aimsE18 - AIMS 
audit results 
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Activity label See also attributedTo generates uses 
ID “42001-*” (type Entity) (type Entity, 
“aims*” 
aimsA15 Undertake 9.3 TM aimsE19 - AIMS E1-E19 
management change and 
review improvement 
report 
aimsA16 Detect non 10.1 O aimsE20 - AIMS E5, E8, E7 
conformance non conformity 
and take and corrective 
corrective action action report; 
aimsE21 - AIMS 
corrective action 
evaluation 
aimsA17 AIMS Continual 10.2 O aimsE1 - E1-E15 
improvement aimsE15; 
aimsE17; 
aimsE20; 
aimsE21 


* = wildcard representing row value(s) in the column. 


Table 1. 
Activity and entities identified for an AIMS. 


to develop as AI Management System (AIMS) Standard [28], following the guide- 
lines set out in the ISO/IEC Directive 1 [53]. All MSS should follow a consistent 
high-level structure which includes common text and terminology as presented 

in Annex SL of this Directive. This is to allow different MSS addressing different 
horizontal and domain-specific areas to be integrated into the same overall man- 
agement system within an organisation that implements these MSS. It is intended 
that MSS should be developed in a manner open to different stakeholders, including 
accreditation bodies, certification bodies, enterprises and the user community. The 
high-level structure for MSS therefore provides a well-defined source of concepts 
that are likely to be reflected in the MSS being developed for AI, which must also 
address management aspects of trustworthiness. The use of MSS for organisational 
process certification means it is also a suitable source of concepts that will be useful 
to track against those being developed for public and organisational policy and 
processes. 

Table 1 presents a mapping of the MSS high level structure as a set of 17 AIMS 
activities, with each concept given an identifier, a label attribute, and a ‘see also’ 
attribute referencing the relevant section in the AI MSS draft, the numbering for 
which is mandated in the MSS high level structure. Each of these AIMS activities 
is attributed to either the organisation overall (O) or top management (TM) as 
defined in the MSS high level structure, where the former attribution implies that 
activity spans governance and management levels. Relationship between these 
activities is captured by generates and uses attributes referencing 21 AIMS entities 
derived from the text in the MSS high level structure. 


7. Modelling of AIMs technical operation activities 


The foundational standard on AI terms on concepts [20] entered its second 
committee draft ballot review towards the end of 2020 and is therefore still under 
development. However, Section 6 of the draft does provide an outline of the life- 
cycle for an AI system made up of activities: inception; design and development, 
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ID 22989* CD2 22989 - Al terms and concepts partOf 
ICv Inception 
IC1 Determine stakeholders’ objectives IC; aimsA1 
IC2 Determine stakeholders’ requirements IC; aimsA2 
IC3 Risk assessment and treatment planning IC; aimsA6 
IC4 Policies and compliance planning IC; aimsA4 
DD ** Design and development 
vv ** Verification and validation 
DE ^* Deployment 
OM v* Operation and monitoring 
OM1 Monitor AI system OM; aimsA13 
OM2 Repair AI system OM 
OM3 Update AI system OM 
OM4 Support AI system users OM; aimsA11 
OM5 OMS: Risk monitoring and review OM; aimsA6 
cv ** CV: Continuous validation 
RE ** RE: Re-evaluation 
RI^" RT:: Retirement 

Table 2. 


Partially expanded view of AI lifecycle activities and sub-activities from CD22989 [20]: Activity ID key: 
v = constituent activities expanded, ^ = constituent activities collapsed, * = AI technological operation activities. 


verification and validation; deployment; operation and monitoring; continuous 
validation; re-evaluation; and retirement. Table 2 shows a partially expanded 
breakdown of sub-activities that are part of these activities, exemplifying how 
the partOf attribute of these activities are used to identify the constituent activi- 
ties. It also identifies certain sub-activities as also part of specific AIMS activities 
from Table 1. Sub-activities under the Inception activity are identified as part of 
specific AIMS activities which would form part of the governance and manage- 
ment activities. The operations and monitoring activity (OM in Table 2) of the Al 
lifecycle also contains some sub-activities that are part of AIMS activities, related 
to monitoring (aimsA13), communication (aimsA13) and risk (aimsA6). Further, 
all the AI lifecycle activities except Inception, are classified as technical opera- 
tions activities, meaning within the AIMS they are directed by activity aimsA3 
and aimsA4, evaluated by activities aimsA8 and aimsA9, monitored by activities 
aimsA13, aimsA14, aimsA15, aimsA16 and aimsA17 and controlled by activities 
aimsA12 (plan and control AI processes). The transitive nature of the partOf 
relationship therefore implies that the sub-activities of these AI lifecycle activities 
are also classed as technical operation activities with the same directedBy/evaluat- 
edBy/monitoredBy/controlledBy relationship to the corresponding AIMS activi- 
ties. As AIMS activities can operate at different levels of management delegation, 
technical operations activities such as operations and monitoring (OM) therefore 
both play a part in conducting AIMS activities, but at a much narrower level of 
abstraction, as well as being subject to direction, evaluation and monitoring of 
other AIMS activities. It is notable that all the top layer activities in this lifecycle 
model, apart from retirement activities (RT) are part of the AIMS activity address 
risk (aimsA6). 
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Though this lifecycle model from [20] is still a draft, it is being used in other 
SC 42 drafting activities, specifically the technical report on AI bias [23], which 
in Section 9 breaks down bias treatment at each of the top levels activities of the 
lifecycle model, and a new work item on AI system life cycle processes to support 
their definition, control and improvement within an organisation or project [55]. 

As well supporting the mapping of AIMS activities into standards that explicitly 
define processes that we can model as activities, the ontology from Figure 2 can 
also be used to map AIMS into role-based frameworks. Specifically, SC 42 Big 
Data Reference Architecture [29], which is structured into big data provider roles 
of: application provider, framework provider, service provider, data provider and 
consumer. These roles further are subdivided into sub-roles for which constituent 
activities are defined. This conforms with the notion of a role being a set of activi- 
ties, so again this containment structure can be expressed as partOf relationship 
between the different levels of activity sets corresponds to those roles. All these 
are categories as technical operations activities in relation to the AIMS activities, 
though some also map to specific AIMs activities, with roles-based activities related 
to auditing (aimsA14) and requirements capture (aimsA7). 

This mapping of activities reveals that while different standards developed 
under SC 42 are broadly consistent with the high-level structure of AIMS, they 
vary in which areas of AIMS they focus on. While this may be arguably appropriate 
for the projects concerned, it does indicate that AIMS activities are not compre- 
hensively mapping into other SC 42 standards as a matter of course. The ontology 
therefore provides a way of tracking these mapping and identifying gaps that may 
need to be addressed as the AIMS is specified or as changes to the other standards as 
they develop or are reviewed over time. 


8. Modelling stakeholders 


The mapping of role-oriented activity processes from the Big Data Reference 
Architecture to AIMS activities also indicates how groupings of activities expressed 
as a role, e.g. Big Data Application Provider or Big Data Consumer, can also be 
used to model a stakeholder. The draft foundational terms and concepts standard 
from SC 42 [20] has similarly identified stakeholder in relation to similar types of 
value-chain role, but SC 42 has not yet attempted a more detailed characterisation 
of the activities that such stakeholders would undertake, and which would therefore 
define such stakeholder roles. 

However, many aspects of AI ethics and their impact on the trustworthiness 
of AI, relate to the impact on stakeholders who are not directly involved in the 
AI value chain, even as customers or consumers, e.g., pedestrians injured by an 
automated vehicle, local communities blighted by automated routing of commercial 
traffic through their neighbourhood, or people denied access to financial, health 
or social security services due to bias in algorithmic decision-making. In addition, 
such indirectly affected stakeholders may be difficult for organisations to identify 
and consult, so appropriate representation may be needed. Such representation 
could take the form of NGOs concerns with rights of certain groups, labour unions, 
professional bodies, local community groups, up to and including democratic 
forms of representation in the form of local and national governments. These issues 
are addressed however in the ISO Guidelines for Social Responsibility ISO26000 
[56]. Its guidance is based on the fundamental practices of recognising social 
responsibility within an organisation and undertaking stakeholder identification 
and engagement. The guidance is based on the principles similar to those identified 
in the growing literature on AI ethics [6], including accountability, transparency 
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and ethical behaviour as well as respect for the rule of law, international norms of 
behaviour and human rights. Social responsibility guidance is provided in terms of 
37 issues, each with suggested actions to address them and associated behavioural 
exceptions. These issues are each grouped under one of the following social respon- 
sibility core subjects: Human Rights; Labour practices; the Environment; Fair oper- 
ating practices; Consumer issues; and Community involvement and development. 
The fact that these core subjects map onto different areas of legislation in many 
jurisdictions internally also eases the mapping of guidelines using this structure 
onto regulatory or other legal obligations that must be complied with by an organ- 
isation’s management system. ISO26000 does not specifically address the use of AI, 
however these issues are sufficiently broad to provide a basis for mapping out spe- 
cific ethical and societal issues associated with AI as shown through a comparison 
[57] with the normative language on trustworthy AI principles established in [2, 4, 
5]. ISO already provides guidance in [58] on how to map principles and issues from 
ISO 26000 to the high level structure of MSS. SC 42 also recognises the importance 
of ISO 26000 guidance in handling stakeholder issues in the draft standards on AI 
governance [31] and AI risk management [24], with the draft technical report on 
ethical and societal concerns of AI [22] including a high level mapping of ISO26000 
core issues onto AI risks and treatments. 


9. Conclusions and further work 


This chapter has highlighted the multiplicity of parallel activities being under- 
taken in developing international standards, regulations and individual organisa- 
tional policies related to AI and its trustworthiness characteristics. The current lack 
of mappings between these activities presents the danger of a highly fragmented 
global landscape emerging in AI trustworthiness. This could present society, 
government and industry with competing standards, regulations and organisational 
practices that will then serve to undermine rather than build trust in AI. This chap- 
ter presents an overview of AI standardisation currently being undertaken in ISO/ 
IEC JTC 1/SC 42 and identifies its work to define an Al management system stan- 
dard as the starting point for establishing conceptual mapping between different 
initiatives. A minimal, high level ontology for the support of conceptual mapping 
between different standardisation, regulatory and organisational policy documents 
is presented. We show how this can help map out the overlaps and gaps between AI 
governance, management and technical operations activities present in some of the 
SC 42 standards currently under development. 

Further work is required to develop and maintain a mapping between the 
ontological concepts and relationships identified from the emerging set of SC 
42 AI standards and the emerging trustworthy AI regulations and policies from 
different organisations. The mapping of such standards to the ontology could be 
made publicly available in a findable, accessible, interoperable and reusable form, 
using linked open data principles [43], and updated as the referenced specifications 
evolve. This will assist in identifying gaps and inconsistencies between evolving 
drafts, especially in developing the AIMS standard [20]. The set of trustworthy 
AI characteristics could be captured in the ontology, based in the first instance on 
the AI engineering quality characteristic being developed in [26]. Similarly, the 
ontology can be extended to express sets of AI risks and treatments so concepts 
developed in AI risk [24] and bias [23] will also be captured. 

The use of this ontology-based approach for comparing the guidance between 
standards could also be applied between SC 42 and the largely orthogonal set of 
standards being developed under P7000. These include ethical design processes, 
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transparency for autonomous systems, algorithmic bias, children, student and 
employee data governance, AI impact on human well-being, and trustworthiness 
rating for news sources. 

Draft legislations for AI such as [59] will need to be analysed in terms of activi- 
ties, actors, entities, characteristics and risks so that a mapping to the equivalent 
concepts from the SC 42 specifications family can be assembled and maintained. 
Similar analyses will be undertaken on publicly available policies from international 
bodies such as the EU High Level Expert Group on Al’s checklist for trustworthy AI 
[60] and the proposals emerging from the private sector for assigning trustworthi- 
ness declaration to products and services [47-51]. 
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